Vulnerabilities of Organizational Networks and the Internets - Coursework Example

?Running head: Vulnerabilities of Organizational Networks and Internets Vulnerabilities of Organizational Networks and Internets Introduction The IT (Information Technology) industry has the potential to explore new avenues for the production of new and advanced products but it has various loopholes and chances of its wrong usage is also high. The advancement in the field of computer programming, networks and internet have raised concerns about the risks associated with the IT security, vulnerability to viruses and misuse of its various functions and programs. Vulnerability can be described as the weakness or the inadequate IT security which results in an unauthorized access to the data causing harm to the information and the system per se. This paper analyses and studies the various security weaknesses which hampers the organization’s information system. A brief study of the technical and non technical measures and methods are listed which would ensure that the company or the organization is protected from any unauthorized access to their system. Definition and Impact of Vulnerability on an organization The Organization of Internet Safety defines security vulnerability as “security vulnerability is a flaw within a software system that can cause it to work contrary to is documented design and could be exploited to cause the system to violate its documented security policy” (Telang and Wattal, 2005, p2). Vulnerability is security weakness in the software or the hardware on a system or a server that can be attacked or gained access to, by an intruder. The weakness or the loophole can be physical, technical or network related (Kizza, 2007). In today’s tough and competitive marketplace, it is imperative for all the organizations to have strong measures against all anticipated vulnerabilities. Companies stand a risk to lose time, money and may hamper its future growth, if the concept of vulnerability management is not adhered to and practiced. For example, a security defect in any software may cause loss of millions of dollars in terms of downtime, integrity issues and interrupting the growth of the organization (Brackin, 2003). Vulnerabilities of Organizational Networks There are various sources of system vulnerabilities. Poor design flow, improper use of the firewall, the nature of intruder activity, improper security management, no restriction in the usage of internet, improper implementation of the security appliances are some of the major causes of IT vulnerability. In an organization, the two major components of a computer system, hardware and software are quite vulnerable (Kizza, 2007). An organization uses the computers for almost each and every sphere of activity. This enables the companies to have the ability to use and practice internet in their day to day operations. The most common cyber security vulnerability IT mangers are facing in terms of their software design flows. Software are more prone to security losses for their less complexity, involvement of the human factors, lack of security equipments while testing and implementing the software programs. The software professionals often have a rush to finish the product. There are some attention failures possible on the part of the professionals, for example, if they forget to add some security verification questions, it becomes accessible to many unauthorized ones. A software program may have many possible outcomes. It is important to choose the best fit and the correct to be used. There might be some malice professionals in the company. Many viruses, bugs are downloaded in software and then are circulated and transferred from one computer to another. Some security software are difficult to locate and used. The software product needs to be thoroughly tested under all possible circumstances as no software product can fit in all environments. In almost all the organizations, Local area networks (LANs) is being used and implemented in meeting data processing and to work in tandem with other companies in the global market. The Institute of Electrical and Electrical Engineers (IEEE) defined LAN as “a dotcom system allowing a number of independent devices to communicate directly with each other, within a moderately sized geographic area over physical communication channel of moderate rates” (FIPS, 1994). The security controls on one of the computer proves useless unless and until it is exercised open the entire computer connected over LAN. Users must ensure that the data transmitted over the LAN network and the LAN network should be properly and adequately secured. It is important for all the users to adhere to the same. A LAN in turn connects itself to the main server. All the workstations, printers allow the users to access and share the information and resources, which makes it quite vulnerable. In any organization the intranet web applications are more vulnerable than the internet sites as they are not stringently checked and audited. The external protection is considered to be covering the intranet computers as well. The attackers are more likely to attack one computer thus spreading the virus on other systems. Over the years economic crisis continues to impact companies on large scale, thus the possibility of internal damage is also on a high rise. Proper precaution is needed to prevent the companies and the system from getting hacked by the attackers. For example, Microsoft has added many new features and security firewalls to let the computer user protect their work and confidential information (Cerrudo, 2008). The modern day’s computers are preloaded with the wireless networking. It has many advantages. It makes the user get all the information quickly and provides the ease to access the information resources. The communication takes place using the radio frequencies, as a result of which the risk of interception is higher than with wired networks. For example, when a user connects the computer with a wireless access point from any other company’s network, chances of security breach is more. The usage of laptops makes the wireless networks more vulnerable as it provides the ease of integrating the network on a wireless connection (Choi, Robles, Hong, and Kim, 2008). Human being needs telephone wires or sound waves to communicate. A computer needs cables, radio waves the internet also uses different type of transmission media to send and receive messages. The most common is the copper cable which is used in the LAN networks. As they are connected through the walls, the vulnerability of the transmission media is the most (Choi et al., 2008). In an enterprise network, where many computers are connected to each other, strict monitoring and protection is needed to protect it from malpractices.in many organizations where the vulnerability management is in place but inadvertently followed. Companies still use the default credentials on the network which makes them quite vulnerable to the outsiders. Measures to combat IT vulnerability All the organizations should have a broad and an updated data security protection program in place. This encompasses both technical and non technical solution to any problem arising out of any security defect. All networks in a company or any organization are quite vulnerable to cyber security threats. To ensure that the companies are well protected from any kind of threat, the areas of weaknesses should be well educated to all the employees and the cyber company owners. There should be an expert guidance in terms of imparting education to understand and anticipate the risk areas. An organization should have a policy which involves both monitoring and evaluating the effectiveness of the security policies in practice. There should be strong firewalls and strong password protection on all the computers which would restrict the access to the network resources by an unauthorized person. The administrators also should be aware of the security agreements, be well informed about the personals in -charge of setting and executing the security event. Conclusion Computer and telecommunicating industry has developed at a large extent. It has resulted in many loopholes and gaps which makes it quite vulnerable. Companies find it quite difficult and challenging to gauge and understand the areas which are vulnerable. There are numerous loopholes and gaps which poses as a threat or which has security weaknesses. The security personals in the large companies find it extremely difficult to collect all the information’s from each and every line of business. A sound and comprehensive screening program should be set up so that only the authorized ones are allowed to access. This will help the companies to protect their dataset as well the personal and organizational integrity. References Brackin, C. (2003). Vulnerability management: tools, challenges and best practices. SANS Institute. Cerrudo, C. (2008). Opening intranets to attacks by using Internet Explorer. Argeniss Information Security. Choi, M., Robles, R.J., Hong, C., and Kim, T. (2008). Wireless network security: vulnerabilities, threats and countermeasures. International Journal of Multimedia and Ubiquitous Engineering. Vol 3, No.3, pp 77-86. FIPS. (1994). Guideline for the analysis local area network security. Federal Information Processing Standards Publication. Kizza (2007). Chapter 4: Computer network vulnerabilities – computer network security. [online] retrieved on Oct 5, 2012 from http://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&ved=0CCMQFjAA&url=http%3A%2F%2Fwww.utc.edu%2F~jkizza%2FBooks%2FSpringer3%2FNotes3%2FChapter4.ppt&ei=Q5BuUP_6LsysrAeQqYG4Aw&usg=AFQjCNFcKeai00ZAtH-RCFByvfoc7VPC3g&sig2=Dc9usYxAJujvmW4gvpmcKA Telang, R. and Wattal, S. (2005). Impact of software vulnerability announcements on the market value of software vendors – an empirical investigation. [online] retrieved on Oct 5 2012 from http://infosecon.net/workshop/pdf/telang_wattal.pdf Read More